DevOps Design Pattern: Implementing DevOps best practices for secure and reliable CI/CD pipeline
9789355519924
DevOps design patterns encompass a set of best practices aimed at revolutionizing the software development lifecycle. It
126
97
14MB
English
Pages 320
Year 2023
Report DMCA / Copyright
DOWNLOAD EPUB FILE
Table of contents :
Cover
Title Page
Copyright Page
Dedication Page
About the Author
About the Reviewers
Acknowledgement
Preface
Table of Contents
1. Why DevOps
Introduction
Structure
Objectives
What is DevOps
Classification
Usage of DevOps in the modern world
Advantages of DevOps
Disadvantages of DevOps
Agile and DevOps go hand-in-hand
DevOps best practices
Involvement of stakeholders in the method
Automated testing and building environments
Integrated configuration and change management
Continuous integration and continuous deployment
Continuous delivery and product support
Application monitoring and automation of dashboards
Best tools to use for CI/CD pipeline
Jenkins
TeamCity
CircleCI
Travis CI
GitLab CI
Bamboo
Semaphore
GoCD
Azure DevOps
CodeShip
Bitrise
Drone CI
Challenges that DevOps helps overcome
Overcoming the dev versus ops mentality
Common understanding of CD practices
Moving from legacy infrastructure and architecture to microservices
Implementing a test automation strategy
Too much focus on tools
Team ownership for deployments and releases
Resistance to change
Key metrics are being acted upon
Dev and Ops toolset clashes
Getting started with continuous learning
Measuring the success of DevOps implementation
Evaluate the need to implement DevOps practice
Break the organizational silos and encourage collaboration
Put customer/end-user satisfaction at the center
Do not jump start, instead, start small and then scale up
Automate wherever possible
Select tools that are compatible with each other
Define performance reviews for team and an individual
Ensure real-time visibility into the project
Integrate and deliver continuously
Achieve better results with monitoring and feedback
Conclusion
2. Implement Version Control and Tracking
Introduction
Structure
Objectives
What is Version Control or Source Control
What is source code management
Benefits of using Version Control
Version Control tools in DevOps
GitHub
GitLab
Bitbucket
Perforce
Apache subversion
Hg
How does version control work
Why is Version Control necessary
Simpler and better bug suppressing
Concurrent growth
Greater dependability of the final result
Decompose by business capability
Problem: How to decompose an application into services
Problems: How do you establish a business capability
Guidelines for using Git
Create clear, focused commitments
Commit early, commit often
Conclusion
3. Dynamic Developer Environment
Introduction
Structure
Objectives
Why feature environment
Accelerating the installation process
Information processes automation and orchestration
Coordination of operations and production organizations
What is agile in software development
Agile methodologies
Last impressions
Faster delivery
Creating a shorter route between points a and b
Send out little medals
What are our pain points
Ideal solution
Atmosphere for entrepreneurship shortcomings
Infrastructure changes
Routing of feature environments
Robotics to the rescue
Fundamental concept is a three-step procedure
Accelerated shipping
Our machining might differ
Automate deployment to feature environments
What exactly is a features atmosphere
What is the point of creating features climates
Presence of characteristic elements in all habitats
Removal of obsolete feature environments
Conclusion
4. Build Once, Deploy Many
Introduction
Structure
Objectives
Build Once Deploy Many
Library dependencies
Testing limitations
Wrapping up
Building docker image
Docker image use cases
Docker container vs. Docker image
Anatomy of a Docker image
Docker image repositories
Creating a Docker image
Interactive method
Docker file method
Docker image commands
Environment overlays
How do overlays affect application deployment
Continuous deployment
Continuous deployment vs. continuous delivery
Continuous deployment tools
Pros and cons
Conclusion
5. Frequently Merge Code: Continuous Integration
Introduction
Structure
Objectives
Traditional software development
Commit early, commit often
Build only once
Clean your environments
Monitor and measure your pipeline
Keep the builds green
Streamline your tests
Make it the only way to deploy to production
Make it a team effort
Best tools to build robust CI process
Step-by-step building robust and fully automatic CI process
Conclusion
6. Software Packaging and Continuous Delivery
Introduction
Structure
Exploring the benefits of CD
Increasing developer productivity
Simplifying implementation through automation
Accelerating feedback delivery
Enhancing testing quality
Expediting market introduction of new capabilities
Selecting the tools for a robust CD process
AWS Code Deploy
Octopus deploy
Jenkins
TeamCity
Deploy Bot
GitLab
Bamboo
Circle
Code ship
Google Cloud Deployment Manage
Building a robust and fully automatic CD process
Measuring considerations for calibrating a CD pipeline
Analyzing the lead time in a CD pipeline
Evaluating the cycle time in a CD pipeline
Assessing the Mean Time to Recovery
Examining defect resolution time
Understanding the test pass rate
Best practices for adopting continuous delivery
Develop Service Level Objectives
Automating SLO evaluation with quality gates
Automating every redundant process
Keeping everything in version control
Providing fast, useful feedback
Deploying the same way to every environment
Avoiding direct changes in the production environment
Deploying to every environment the same way
Deploying in a copy of production
Including the database
Eliminating complexity
Establishing observability and continuous monitoring
Conclusion
7. Automated Testing
Introduction
Structure
Objectives
Adopting test automation
Introducing tool integration
Tracking metrics
Leverage containerization
Keeping communication transparent
Saving time with headless execution
Exploring multi-layer tests
Integrating performance testing into delivery cycle
Building robust continuous testing with tools
Continuous testing
How test management tools work
Step-by-step build robust and fully automatic continuous testing
Conclusion
8. Rapid Detection of Compliance Issues and Security Risks
Introduction
Structure
Objectives
Types of continuous monitoring
Network monitoring
Why network monitoring
Benefits of network monitoring
How to use network monitoring
Configuring network monitoring
Infrastructure monitoring
Benefits of infrastructure monitoring
Configuring infrastructure monitoring
Application Performance Monitoring
Benefits of Application Performance Monitoring
When to use Application Performance Monitoring
Web application monitoring on Azure
Application Insights
Azure Container Insights
Azure VM Insights
Setup alerts
Visualize monitoring data
Dashboards
Azure workbooks
Power BI
Configuring automatic continuous monitoring
Conclusion
9. Rollback Strategy
Introduction
Structure
Objectives
Introducing rollback strategies
Manual rollback procedures
Automated rollback scripts
Snapshot backups
Version control
Hotfix rollback strategy
Feature toggles rollback strategy
Immutable infrastructure rollback strategy
Canary deployment
A/B testing deployment strategy
Blue-green deployment
Shadow deployment
Conclusion
10. Automated Infrastructure
Introduction
Structure
Objectives
Infrastructure as Code
How to choose the best IaC tool
Introducing Terraform
Pipeline as a Code
Platform as Code
Configuration as Code
Policy as Code
GitOps methodology
GitOps WorkFlow
Use cases of GitOps
Best tools for IaC
Conclusion
11. Focus on Security: DevSecOps
Introduction
Structure
Objectives
Principles of DevSecOps
Automate security processes
Collaborate across teams
Implementing security by design
Using secure coding practices
Integrating compliance and governance
Implementing DevSecOps training and education
Integrating security into the deployment pipeline
Maintaining visibility and control
Collaboration between DevOps and security
Threat modelling
Compliance as code
Container security
DevSecOps metrics
Securing the public endpoints
Define policy and governance
User right network tools to filter traffic
Define and implement IAM, RBAC and 2FA
Implementing least privilege model
Segregating DevOps network
Using password manager
Conclusion
Index